Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          7xNJKxCtAiPbi23V+NWbO/1rkusoPDH69BI/4pUvrW8=
Subject key identifier:   CA:56:5B:98:48:48:61:C7:6E:A5:AD:FC:42:59:04:DE:4D:DE:88:0E
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019D28F289FCF993E9414D3C76A9C75C0ABB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0C4C
Signing time:             Thu 26 Mar 2026 07:01:16 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:16 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:16 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: GIO6+PdsiGLnL1Nc2rANio+7+DYeYQgL3uwph9WG+uY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:89:fc:f9:93:e9:41:4d:3c:76:a9:c7:5c:0a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Mar 26 07:01:16 2026 GMT
            Not After : Mar 27 07:01:16 2026 GMT
        Subject: CN=ca565b98484861c76ea5adfc425904de4dde880e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e2:3f:b8:cc:87:0f:a9:58:5e:b1:cc:df:4b:
                    45:64:d3:e8:ee:f4:04:d5:60:b1:a5:e6:1e:93:f0:
                    84:00:db:98:a1:5a:c6:9a:cb:fb:63:01:e5:3c:fe:
                    0c:c3:a2:d2:45:e1:54:a7:46:ea:e7:be:3c:f1:7d:
                    bc:d1:03:31:ba:44:e2:3c:f1:e6:a5:66:8e:3e:45:
                    c7:d1:60:bf:0c:a9:ef:70:58:61:17:8b:97:14:ee:
                    24:fd:c2:7a:40:b0:00:66:11:36:a2:a2:7f:e4:5c:
                    bf:ca:2c:c4:52:89:7b:a4:64:b7:56:56:75:88:b4:
                    13:b8:b5:b4:93:db:ed:03:b0:7c:ee:dc:cb:8e:37:
                    00:16:d9:e7:db:fe:b2:c2:b5:a3:96:71:c6:90:35:
                    82:99:1a:1f:76:f5:50:27:14:6c:f0:68:b5:4d:3e:
                    e3:7c:1f:3b:57:1d:75:f2:c3:ba:21:75:33:96:af:
                    dc:55:46:c5:d5:72:10:90:df:71:e2:12:3b:cf:15:
                    52:8a:0f:f9:78:52:2a:e0:92:1c:1e:df:21:a4:85:
                    03:be:c7:3e:11:d5:e3:c3:d1:c2:a7:3f:6b:22:ab:
                    9e:1d:18:bb:49:c4:f7:13:9d:ed:97:6f:2c:93:ff:
                    b1:e0:04:01:f4:9d:82:fe:1b:10:76:c5:9a:60:10:
                    88:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:56:5B:98:48:48:61:C7:6E:A5:AD:FC:42:59:04:DE:4D:DE:88:0E
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:2e:4c:53:c4:5f:4a:11:13:17:b9:d7:f8:7a:57:be:d3:ab:
         81:07:95:74:c4:ec:7b:ff:d1:3d:98:05:b3:b5:64:bf:28:45:
         49:55:71:0e:32:23:95:30:df:d9:c4:ef:37:35:08:be:07:e5:
         57:1c:f4:bc:5b:f3:56:3c:4b:98:05:24:18:02:ef:57:c5:00:
         69:52:77:ef:78:3d:89:41:de:e3:96:87:bf:7a:d2:35:f9:fe:
         4c:1e:5f:c9:2c:35:8d:30:05:27:37:15:44:c4:6c:02:7e:ae:
         ee:43:be:c2:2e:d5:d5:89:0f:5b:7d:e2:cc:67:02:39:97:ba:
         ec:5b:7a:a3:da:71:81:31:63:e1:fc:56:65:0d:d8:30:a0:9b:
         ba:a4:a4:fd:24:cd:c6:89:09:b3:fb:d7:b5:dc:f1:c7:c8:3f:
         76:da:de:b1:25:cd:2c:57:ff:44:01:68:72:59:20:dd:0c:e7:
         76:25:12:08:07:fb:5e:b8:aa:f7:a1:c7:f7:36:4e:8c:7f:20:
         28:f9:d8:ad:50:5b:27:ca:a6:68:21:9b:94:fe:7f:4f:23:8f:
         26:7f:66:a6:7c:f1:3a:b3:80:80:ea:75:9c:aa:39:37:2f:c9:
         fb:12:93:7d:fb:44:a0:dc:95:6d:85:06:05:ce:36:db:eb:d5:
         b6:a4:a6:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8on8+ZPpQU08dqnHXAq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwMzI2MDcwMTE2WhcNMjYwMzI3MDcwMTE2WjAzMTEwLwYDVQQD
EyhjYTU2NWI5ODQ4NDg2MWM3NmVhNWFkZmM0MjU5MDRkZTRkZGU4ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+I/uMyHD6lYXrHM30tFZNPo7vQE
1WCxpeYek/CEANuYoVrGmsv7YwHlPP4Mw6LSReFUp0bq57488X280QMxukTiPPHm
pWaOPkXH0WC/DKnvcFhhF4uXFO4k/cJ6QLAAZhE2oqJ/5Fy/yizEUol7pGS3VlZ1
iLQTuLW0k9vtA7B87tzLjjcAFtnn2/6ywrWjlnHGkDWCmRofdvVQJxRs8Gi1TT7j
fB87Vx118sO6IXUzlq/cVUbF1XIQkN9x4hI7zxVSig/5eFIq4JIcHt8hpIUDvsc+
EdXjw9HCpz9rIqueHRi7ScT3E53tl28sk/+x4AQB9J2C/hsQdsWaYBCIWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpWW5hISGHHbqWt/EJZBN5N3ogOMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWi5MU8Rf
ShETF7nX+HpXvtOrgQeVdMTse//RPZgFs7VkvyhFSVVxDjIjlTDf2cTvNzUIvgfl
Vxz0vFvzVjxLmAUkGALvV8UAaVJ373g9iUHe45aHv3rSNfn+TB5fySw1jTAFJzcV
RMRsAn6u7kO+wi7V1YkPW33izGcCOZe67Ft6o9pxgTFj4fxWZQ3YMKCbuqSk/STN
xokJs/vXtdzxx8g/dtresSXNLFf/RAFoclkg3QzndiUSCAf7Xriq96HH9zZOjH8g
KPnYrVBbJ8qmaCGblP5/TyOPJn9mpnzxOrOAgOp1nKo5Ny/J+xKTfftEoNyVbYUG
Bc422+vVtqSm5Q==
-----END CERTIFICATE-----